Could Meerkats and Avatars hold the secret to security for the smaller business?

security button on keyboard

COMMENT:Implementing a secure data strategy is not difficult when you are a larger enterprise. All it takes is money to buy the right advice from the right people (whether that's in-house staff or outsourced consultancy) and deploying the solutions best suited to your particular needs.

In fact, the bigger your business, the easier data security becomes. But what if you are at the very smaller end of the SME scale, with little in the way of budget to spare or knowledge to draw upon? Truth be told, data security gets harder the smaller you are and, believe you me, the bad guys have noticed.

No matter what size business you are, following well established best practice principles will cost you nothing and go a long way to making your enterprise more secure.

You might not have the volume of data that attracts both the Eastern European organised crime gangs and media headlines alike when said gangs successfully breach the network perimeter. But the opportunist cyber criminal, the bedroom script kiddies and small-time chancers, are quite happy to prod away at smaller, more insecure networks. In other words, they have the hard-pressed, hard-up, small business firmly in their sights.

So where do Meerkats and Avatars enter the data security equation? Simples (erm, sorry about that) that's the name of the annual event held at the St John's Innovation Centre in Cambridge which sees early-stage companies demonstrate their innovative technologies in front of invited members of the media and potential investors. David Gill, director of the St John's Innovation Centre, is quite right in pointing out that the introduction of the Small Business Research Initiative (SBRI), which enables early-stage, high-technology SMEs to take part in a tendering process for government contracts, has "made a tangible difference to many Cambridge companies by introducing them to a real' client".

The Meerkats and Avatars event was held yesterday, and one of the companies that leapt out from the seventeen innovators being showcased this year was Smart Architects with a product called sCrib. This hardware device plugs into a USB port and stores twelve cryptographically secure passwords. Dr Dan Cvrcek, founder of Smart Architects, explains that each password can be up to 20 characters in length and automatically generated, which you then use to replace twelve of your existing passwords without the need for any software or, indeed, expertise. "sCrib's unique algorithm protects passwords against viruses and keylogging" Cvrcek says, continuing "if an sCrib is lost this doesn't allow anyone else access to the passwords because each password is not accompanied by information about what it is for. To increase security further it is possible to add a typed PIN to important passwords: a few digits or letters which users type before they press a button on the sCrib". So the device then becomes, in effect, an instant two-factor authentication hardware token.

It's not the first time that the company has found itself being accused of innovation in the data security world: Earlier this year it was a finalist in the Global Security Challenge. This competition searches for the world's most innovative security startups, and it looks like it may just have found one. Especially, returning to my point at the start of all this, when most current security systems are too complex and too expensive for the average small business.

Of course, no matter what size business you are, following well established best practice principles will cost you nothing and go a long way to making your enterprise more secure.

Davey Winder

Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.

Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.

You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.